| Summary: | <media-gfx/libredwg-0.12.5.5865: stack buffer overflow | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | trivial | CC: | andrewammerlaan |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://github.com/LibreDWG/libredwg/issues/494 | ||
| Whiteboard: | ~3 [noglsa] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
John Helmert III
2022-07-03 01:51:21 UTC
CVE-2022-35164 (https://github.com/LibreDWG/libredwg/issues/497): LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. Looks like there's a patch on a separate branch. CVE-2022-45332 (https://github.com/LibreDWG/libredwg/issues/524): LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e8d02fce183569d91b4eaeefddd9fc9f3280d64 commit 4e8d02fce183569d91b4eaeefddd9fc9f3280d64 Author: Andrew Ammerlaan <andrewammerlaan@gentoo.org> AuthorDate: 2023-05-01 13:13:19 +0000 Commit: Andrew Ammerlaan <andrewammerlaan@gentoo.org> CommitDate: 2023-05-01 13:15:57 +0000 media-gfx/libredwg: add 0.12.5.5487 Should fix CVE-2022-45332 and CVE-2022-45332. The patch for CVE-2022-35164 is still not merged to master yet because apparently there are some problems with this patch. Bug: https://bugs.gentoo.org/905327 Bug: https://bugs.gentoo.org/856034 Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org> media-gfx/libredwg/Manifest | 1 + media-gfx/libredwg/libredwg-0.12.5.5487.ebuild | 113 +++++++++++++++++++++++++ 2 files changed, 114 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ff4e76bd91741c20f4c93c94dfb3366c5df24737 commit ff4e76bd91741c20f4c93c94dfb3366c5df24737 Author: Andrew Ammerlaan <andrewammerlaan@gentoo.org> AuthorDate: 2023-06-27 12:03:59 +0000 Commit: Andrew Ammerlaan <andrewammerlaan@gentoo.org> CommitDate: 2023-06-27 12:06:11 +0000 media-gfx/libredwg: add 0.12.5.5865 patch for CVE-2022-35164 is in this version Bug: https://bugs.gentoo.org/856034 Bug: https://bugs.gentoo.org/905327 Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org> media-gfx/libredwg/Manifest | 1 + media-gfx/libredwg/libredwg-0.12.5.5865.ebuild | 113 +++++++++++++++++++++++++ 2 files changed, 114 insertions(+) Do we know where the particular patches for each CVE are? The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=155a3f7e540554ffd19e914cc8b54c9725522797 commit 155a3f7e540554ffd19e914cc8b54c9725522797 Author: Andrew Ammerlaan <andrewammerlaan@gentoo.org> AuthorDate: 2023-09-14 08:59:56 +0000 Commit: Andrew Ammerlaan <andrewammerlaan@gentoo.org> CommitDate: 2023-09-14 08:59:56 +0000 media-gfx/libredwg: drop 0.12.5-r1, 0.12.5.5865 Closes: https://bugs.gentoo.org/905443 Closes: https://bugs.gentoo.org/896222 Bug: https://bugs.gentoo.org/905327 Bug: https://bugs.gentoo.org/856034 Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org> media-gfx/libredwg/Manifest | 2 - media-gfx/libredwg/libredwg-0.12.5-r1.ebuild | 113 ------------------------- media-gfx/libredwg/libredwg-0.12.5.5865.ebuild | 113 ------------------------- 3 files changed, 228 deletions(-) Thanks! |